On Wed, Aug 25, 2021 at 11:47:10AM -0700, Dave Hansen wrote:
> On 8/19/21 6:27 AM, Mike Rapoport wrote:
> > Such PMDs are created when free_kernel_image_pages() frees regions larger
> > than 2Mb. In this case a part of the freed memory is mapped with PMDs and
> > the set_memory_np_noalias() -> ... -> __change_page_attr() sequence will
> > mark the PMD as not present rather than wipe it completely.
> >
> > Make kern_addr_valid() to check whether higher level page table entries are
> > present before trying to dereference them to fix this issue and to avoid
> > similar issues in the future.
> >
> > Reported-by: Jiri Olsa <jolsa@xxxxxxxxxx>
> > Signed-off-by: Mike Rapoport <rppt@xxxxxxxxxxxxx>
> > Cc: <stable@xxxxxxxxxxxxxxx> # 4.4...
> > pmd = pmd_offset(pud, addr);
> > - if (pmd_none(*pmd))
> > + if (!pmd_present(*pmd))
> > return 0;
>
> Yeah, that seems like the right fix. The one kern_addr_valid() user is
> going to touch the memory so it *better* be present. p*d_none() was
> definitely the wrong check.
>
> Acked-by: Dave Hansen <dave.hansen@xxxxxxxxx>
So I did stare at this for a while, trying to make sense of it and David
Hildenbrand asked for a Fixes: tag in v1 review and from doing a bit of
git archeology I think it should be:
c40a56a7818c ("x86/mm/init: Remove freed kernel image areas from alias mapping")
because that thing added the clearing of the Present bit for the high
kernel image mapping of those areas.
Right?
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
